1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: CISA
- Equipment: Industrial Control Systems Network Protocol Parsers (ICSNPP) – Ethercat Plugin for Zeek
- Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following GitHub commits (versions) of ICSNPP – Ethercat Plugin, a plugin for Zeek, are affected:
- Industrial Control Systems Network Protocol Parsers (ICSNPP) – Ethercat Zeek Plugin: versions d78dda6 and prior
3.2 Vulnerability Overview
3.2.1 OUT-OF-BOUNDS WRITE CWE-787
Industrial Control Systems Network Protocol Parsers (ICSNPP) – Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code execution.
CVE-2023-7244 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.2 OUT-OF-BOUNDS WRITE CWE-787
Industrial Control Systems Network Protocol Parsers (ICSNPP) – Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution.
CVE-2023-7243 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculat
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: